Date: Fri, 6 Jul 2001 17:29:54 -0600 (MDT) From: Paul Hart <hart@orem.verio.net> To: Laurence Berland <stuyman@confusion.net> Cc: <freebsd-security@freebsd.org> Subject: Re: Hiding Versions Message-ID: <Pine.BSF.4.31.0107061718460.24468-100000@mx.dmz.orem.verio.net> In-Reply-To: <Pine.NEB.3.96.1010706140107.7033B-100000@euphoria.confusion.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 6 Jul 2001, Laurence Berland wrote: > As much as it's not all that good in terms of security, changing version > strings will keep the kiddies from ever bothering, which is good just > because it stops them from filling your logs quite as much... You sure about that? I know of many web servers on a UNIX systems that fully advertise their Apache-on-UNIX banner messages and still receive numerous attempts to break in using exploits for Microsoft's IIS. That's not to mention the repeated attempts to break in to FreeBSD or Solaris machines using a exploit for LPRng on Linux, either. Removing or falsifying version strings may fool some rational attackers, but it seems many kiddies will ram the exploit against ANY machine that's listening on port 80 regardless of the operating system it's running or what the banner messages say. Paul Hart -- Paul Robert Hart hart@orem.verio.net Jul ner lbh ernqvat guvf? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.31.0107061718460.24468-100000>